I have a site and its running WordPress 5.7 and I have 2 password protected pages and when I goto login to these pages I get a white screen after logging in. The URL that I get redirected to is: /wp-login.php?action=postpass I have tried the following solutions:
- Download a fresh version of WordPress and replaced wp-login.php on my site with the fresh one.
- Deactivated all my plugins
- Deactivated my theme and switched to the default one (Twenty Nineteen)
And none of those worked, anyone got any other solution to this issue?
Thanks,
4
Answers
Since August 2020, Chrome and other browsers STARTED rolling a tighter referrer policy with a default to
strict-origin-when-cross-origin.Adding with
no-referrer-when-downgradeshould supposedly force a referrer downgrade to it’s previous status.(Even tho that might fix it, it might not be the best option, as it might become mandatory in a near/far future to roll with a tighter one, as law changes in regards to privacy across countries).
Tho the impact is supposed to be limited, you might be falling under that category. And you’re not the only one.
A complete in-details post as been published by the beautiful people at Google, don’t hesitate to take a look. They have a section, "If this impacts your site, consider alternatives".
It is hard to say exactly what is going on with such limited information. Analysis of the code in
wp-login.phpshows that the described issue could happen if there is no$_SERVER['HTTP_REFERER']in the request. I have reproduced the issue addingbefore line 650
in
wp-login.php.To check that the issue is related to the referrer, please try to insert the line
before the same line 650 in
wp-login.php(and don’t forget to remove it later), and let me know the output – you have to see it on the white screen.It seems to me you will have the following message:
The question is – why don’t you have a referrer here.
Browser does not provide a referrer doing the HTTP request from an HTTPS page. If the site was moved to HTTPS incorrectly, the form can contain the
actionfield withhttp:.Some browser extensions can also make tricks. Please deactivate all of them.
i had same problem to solve my issue i go to wp-includes/post-template.php
and search the funciton get_the_password_form()
and add this
<input type="hidden" name="_wp_http_referer" value="'.get_permalink().'" />after $output
and also add this ( apply_filters( ‘the_password_form’, $output );
return $output; )
it is work for me
I just had the same problem. Then noticed that we have the domain in wordpress with www. but they set a link to the protected page without www. When I enter the password without www it gets redirected to the domain without www and have no cookie for this domain, thus not logged in and white page. I added a redirect from non www to www domain in htaccess to be sure the domain is correct and it worked!